<?php

class NewsletterController extends MainController implements ControllerInterface {

	public function indexAction($param) {
		$this->AddDescription("");
		$this->AddTitle("");
		$_SERVER['PHP_AUTH_DIGEST'] = '';
		$dalObj = LpNewsletterDAL::GetDalDataObj();
		$dalObj->setOrderBy('date DESC');
		$ns = LpNewsletterDAL::GetResult($dalObj);


		$this->smarty->assign('ns', $ns);
	}

	public function PreDispatch($param) {
		$this->Run($param);

		$realm = 'newsletter';
		$users = array('admin' => 'TenniZ00m_Notify2011');

		if (empty($_SERVER['PHP_AUTH_DIGEST'])) {
			header('HTTP/1.1 401 Unauthorized');
			header('WWW-Authenticate: Digest realm="' . $realm .
					'",qop="auth",nonce="' . uniqid() . '",opaque="' . md5($realm) . '"');

			die('');
		}

		if (!($data = $this->http_digest_parse($_SERVER['PHP_AUTH_DIGEST'])) ||
				!isset($users[$data['username']])) {
			die('Wrong Credentials');
		}

		$A1 = md5($data['username'] . ':' . $realm . ':' . $users[$data['username']]);
		$A2 = md5($_SERVER['REQUEST_METHOD'] . ':' . $data['uri']);
		$valid_response = md5($A1 . ':' . $data['nonce'] . ':' . $data['nc'] . ':' . $data['cnonce'] . ':' . $data['qop'] . ':' . $A2);

		if ($data['response'] != $valid_response) {
			die('Wrong Credentials!');
		}
	}

	private function http_digest_parse($txt) {
		// protect against missing data
		$needed_parts = array('nonce' => 1, 'nc' => 1, 'cnonce' => 1, 'qop' => 1, 'username' => 1, 'uri' => 1, 'response' => 1);
		$data = array();
		$keys = implode('|', array_keys($needed_parts));

		preg_match_all('@(' . $keys . ')=(?:([\'"])([^\2]+?)\2|([^\s,]+))@', $txt, $matches, PREG_SET_ORDER);

		foreach ($matches as $m) {
			$data[$m[1]] = $m[3] ? $m[3] : $m[4];
			unset($needed_parts[$m[1]]);
		}

		return $needed_parts ? false : $data;
	}

	public function PostDispatch($param) {

		// nagłówek strony
		$this->RunShared('Header', $param);

		// footer
		$this->RunShared('Footer', $param);
	}

}

?>
